Lead Cyber Operations Engineer - Physical Security
Ready to further your career in the fast-paced, exciting world of cyber security?
Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.
Our mission is simple: End Cyber Risk. We’re looking for a Lead Cyber Operations Engineer - Physical Security to be part of making this happen.
The Lead Cyber Operations Engineer manages incoming cyber and physical security incidents while working within the Security Operations team and Enterprise Security & Risk Management to provide post-incident remediation activities.
Security Incident Operations:
- Cover down as Incident Commander when required.
- Coordinate efforts on all action items between SecOps and other stakeholders during security incidents
- Schedule and lead security incident meetings (War Room Discussions, Postmortem) and provide RCA (Root Cause Analysis) Reports
- Conduct quality reviews of incoming and outgoing security incident tickets and security engagements, and at a system level, looking for areas of improvement.
- Provide back-up support on security incident tickets and security inquiries when required.
- Analyze incoming security events based on different data points, network, endpoint, and log sources expediently, consistently, and accurately.
- Support complex investigations within your area of expertise and leverage your security knowledge to engage the other experts within other disciplines appropriately.
- Provide on-call after hours support for security incident escalations as needed.
- Support the building of security Runbooks and other SOC (Security Operations Center) security documentation guides.
- Prioritize task work according to understood and implied priorities.
- Provide operational support (supporting security metrics, supporting weekly security briefs, etc.)
Physical Security Operations:
- Lead the development and the implementation of the corporate Physical Security Program
- Create additional visibility for SecOps through alerting and additional visual/digital access where necessary.
- Deploy, maintain, and operate physical security systems, including access control and CCTV systems.
- Work closely with facilities to solve physical security gaps/technical issues.
- Support Continuity of Operations for physical security
- Develop and publish physical security policies, standards, and procedures.
- Develop/maintain physical security response Runbooks.
- Develop/maintain relationships with local emergency response (Law Enforcement, Fire, etc.)
- Manage Office Emergency response program for all corporate offices.
- Designate/maintain emergency response contacts for all corporate offices.
Required Skills and Experience:
- Relevant education could include a university degree, college diploma, or industry certifications.
- 5+ years' relevant experience.
- Familiarity with Security Information Event Management (SIEM)
- Understanding all phases of incident response
- Understanding of basic security detection, alerting, and network fundamentals
- Knowledge of core MacOS and Windows OS functions such as
- Understanding of basic Firewall concepts
- Familiarity with cloud-based infrastructure-as-a-service providers
- Familiarity with access control and CCTV systems
- Familiarity with common cloud-based services
- Understanding of Indicators of Compromise (IoC)
- Awareness of the difference between a critical event and a non-critical event
- Can write clearly and succinctly in a variety of communication settings and styles; can get messages across that have the desired effect.
- Uses rigorous logic and methods to identify potential problems. Probes all fruitful sources for answers; tries to identify hidden problems; is excellent at honest analysis; looks beyond the obvious and does not stop at the first answers.
- Basic understanding of Cyber Kill Chain or MITRE ATT&CK Framework
- Understanding of all stages of Incident Response
- Strong Analytical and problem-solving skills
- Effective communication skills, both written and verbal
About Arctic Wolf:
At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk—we get to work in an industry that is fundamental to the greater good.
We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance.
We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.
All wolves receive compelling compensation and benefits packages, including:
- Equity for all employees
- Bonus or commission pay based on role
- Flexible time off, paid volunteer days and paid parental leave
- 401k match
- Medical, Dental, and Vision insurance
- Health Savings and Flexible Spending Agreement
- Voluntary Legal Insurance
- Training and career development programs
- Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
- Background checks are required for this position.
Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.